|
Volmarias posted:The broadcast system for Fox News is quietly subverted, and an official looking announcement that China has launched nuclear weapons at the US is played nationally. hmm nah. this attack is far too destructive and prevents long term persistence.
|
# ? Jan 13, 2018 06:02 |
|
|
# ? May 28, 2024 15:15 |
|
vOv posted:sometimes just sending the request can be enough even if you don't get to read the response sure, but in that case a redirect or image tag works
|
# ? Jan 13, 2018 13:56 |
|
Subjunctive posted:sure, but in that case a redirect or image tag works not for a POST?
|
# ? Jan 13, 2018 14:04 |
|
Cocoa Crispies posted:not for a POST? oh, fair enough
|
# ? Jan 13, 2018 14:07 |
|
Cocoa Crispies posted:not for a POST? Hidden <form> with target set to a hidden iframe and js to submit() it automatically It's the more elaborate verbs (PATCH, PUT, DELETE) you can't do
|
# ? Jan 13, 2018 16:20 |
|
wish we could restrict your POSTs
|
# ? Jan 13, 2018 17:42 |
|
Raere posted:wish we could restrict your POSTs drat
|
# ? Jan 13, 2018 18:09 |
|
Volmarias posted:The broadcast system for Fox News is quietly subverted, and an official looking announcement that China has launched nuclear weapons at the US is played nationally. not a secfuck per se but i'm the THIS IS NOT A DRILL on the actually-a-drill emergency alert opfuck? https://twitter.com/TulsiGabbard/status/952243723525677056
|
# ? Jan 13, 2018 20:03 |
|
Grace Baiting posted:not a secfuck per se but i'm the THIS IS NOT A DRILL on the actually-a-drill emergency alert alarm fatigue is a real security problem. if your burglar alarm goes off spuriously every night you get in the habit of dismissing it without checking.
|
# ? Jan 13, 2018 20:11 |
|
Grace Baiting posted:not a secfuck per se but i'm the THIS IS NOT A DRILL on the actually-a-drill emergency alert
|
# ? Jan 13, 2018 21:08 |
|
Grace Baiting posted:not a secfuck per se but i'm the THIS IS NOT A DRILL on the actually-a-drill emergency alert Jesus 2018, it's only mid January, settle down here.
|
# ? Jan 13, 2018 21:48 |
|
Volmarias posted:Jesus 2018, it's only mid January, settle down here. yeah the winter olympics aren't even for another 27 days
|
# ? Jan 13, 2018 22:12 |
|
Midjack posted:alarm fatigue is a real security problem. if your burglar alarm goes off spuriously every night you get in the habit of dismissing it without checking. we call it ‘crying wolf’ round these parts
|
# ? Jan 13, 2018 22:15 |
|
Grace Baiting posted:not a secfuck per se but i'm the THIS IS NOT A DRILL on the actually-a-drill emergency alert Was it actually a drill or did the EBS get hosed/hacked again? That poo poo is easier to do than one might imagine. https://www.youtube.com/watch?v=ZJF2EA-usMA
|
# ? Jan 13, 2018 22:22 |
|
"someone pressed the wrong button"
|
# ? Jan 13, 2018 23:07 |
|
Phone posted:"someone pressed the wrong button" edited for less poo poo video: https://youtu.be/pPKymEC_Hss Midjack fucked around with this message at 23:13 on Jan 13, 2018 |
# ? Jan 13, 2018 23:10 |
|
how does it take 40 minutes to issue a correction? talk about compounding a fuckup
|
# ? Jan 14, 2018 01:17 |
|
Midjack posted:alarm fatigue is a real security problem. if your burglar alarm goes off spuriously every night you get in the habit of dismissing it without checking. i feel like car alarms are a great example of this issue when was the last time anybody actually heard a car alarm and had a reaction other than "ugh someone turn that poo poo off"
|
# ? Jan 14, 2018 01:41 |
|
Meat Beat Agent posted:i feel like car alarms are a great example of this issue The car alarm is for the owner so he can check it out, and potentially to discourage a thief. Not for anyone else.
|
# ? Jan 14, 2018 02:04 |
|
ate poo poo on live tv posted:The car alarm is for the owner so he can check it out, and potentially to discourage a thief. Not for anyone else. except the car owners also become conditioned to feel shame when their fragile car freaks out for the fifth time during a funeral “not my car!!”
|
# ? Jan 14, 2018 02:11 |
|
the only purpose a car alarm serves in 2018 is to reinforce that an establishing shot is of The Bad Side Of Town
|
# ? Jan 14, 2018 02:27 |
|
ate poo poo on live tv posted:The car alarm is for the owner so he can check it out, and potentially to discourage a thief. Not for anyone else. the first place I lived in downtown Toronto there was some stupid oval office up the street who had a car alarm, and every single goddam night i would fall asleep to: whoop on whoop off whoop on whoop off whoop on whoop alarm going off! beep beep beep thing goes off repeat above at least 3 x
|
# ? Jan 14, 2018 02:46 |
|
cant find the tweet rn but someone who used to work in the government that is responsible for "the button" tweeted a thread about how it's absolutely impossible to absolutely trigger and it was 100% a hack or a false alarm from even higher up
|
# ? Jan 14, 2018 02:50 |
|
thank you for badly recalling the words of some twitter rando
|
# ? Jan 14, 2018 02:58 |
|
there's something incredibly amusing about the hawaii ews team perpetrating a stunningly effective terrorist attack, entirely by accident
|
# ? Jan 14, 2018 02:59 |
|
Fuzzy Mammal posted:how does it take 40 minutes to issue a correction? talk about compounding a fuckup I’ve seen some people say, “Maybe there actually was a launch and they issued a ‘correction’ when the missile failed!” I don’t think an ICBM launch could actually be kept secret, though, there are too many eyes with too many different agendas looking for them.
|
# ? Jan 14, 2018 03:14 |
|
someone pressing the wrong button doesn't explain why there was like a 30-minute gap in between the alert and the all-clear
|
# ? Jan 14, 2018 03:16 |
|
eschaton posted:I’ve seen some people say, “Maybe there actually was a launch and they issued a ‘correction’ when the missile failed!” Yeah, China would have lost their minds if this happened. We'd already be talking about the Chinese Interim Government if NK had launched an attack.
|
# ? Jan 14, 2018 03:17 |
|
pseudorandom name posted:thank you for badly recalling the words of some twitter rando here, jfc https://taskandpurpose.com/emergency-alert-system-hawaii-false-alarm/ quote:The governor of Hawaii claims that during a shift change, an operator simply hit the wrong button. Well, it doesn’t exactly work that way. These alerts are not actuated by physically pushed buttons because the number of buttons that would require, for all of the different types of alerts, would be unwieldy. An operator would either type in the desired alert (or select from canned messages), select which communications mediums they’d like to use and the populations they’d like to alert, and then hit “send” and then again confirm that they really want to send that message. The canned messages might be available as electronically selectable on a computer screen (like a Windows button) but a “confirm” dialogue would still be required.
|
# ? Jan 14, 2018 04:18 |
|
a random guy on the internet posted:It’s been several years since I worked with any EAS tech. But we had a “draft” mode (aka test mode or sandbox mode) that would let us preview anything about to be sent out. The live and draft environments look and operate almost identically, with the exception of the border color on the display window, a radio button on the screen, and the distribution sheet. I’m guessing that someone didn’t realize they were in the live environment before hitting send.
|
# ? Jan 14, 2018 04:25 |
|
Farmer Crack-rear end posted:i've been idly wondering what the absolute worst-case scenario would be for a security flaw. one thought that comes to mind would be some kind of unpatchable hardware bug in a bunch of routers where large swathes of the internet would just be hard down until new routers could be manufactured and deployed. Heresiarch posted:CVE-32.02e13-0237
|
# ? Jan 14, 2018 04:48 |
|
He was wondering about worst case, that's pretty much best case. It would mean there's still life at the end of the universe. And at the very least, it would end end users, eliminating all security problems permanently.
|
# ? Jan 14, 2018 05:03 |
anthonypants posted:someone pressing the wrong button doesn't explain why there was like a 30-minute gap in between the alert and the all-clear According to this: https://www.theatlantic.com/technology/archive/2018/01/the-internet-broke-emergency-alerts/550520/ quote:It does appear that the agency might have attempted to cancel the IPAWS alert five minutes after sending the erroneous one. But even if that cancellation might have ceased further delivery of messages to televisions or phones that were offline or on calls, it wouldn’t have issued a reversal.
|
|
# ? Jan 14, 2018 05:06 |
|
goon that supposedly worked at hawaii emergency management: https://forums.somethingawful.com/showthread.php?threadid=3845210&userid=117949 it's probably all true because lmao of course it is, it's 2018
|
# ? Jan 14, 2018 07:52 |
|
how big an economic hit would it be if someone penetrated Amazon and managed to cause all the AWS hosts to delete everything
|
# ? Jan 15, 2018 00:03 |
|
Farmer Crack-rear end posted:how big an economic hit would it be if someone penetrated Amazon and managed to cause all the AWS hosts to delete everything If it was all of them and it happened at basically the same time, you would straight up erase most companies (because of course they don't have backups). Not to mention many code bases live in Github etc. and some of them may be hosted on AWS themselves, or at least have assets that would need to be pulled down from AWS. S3 outage last year on it's own knocked out a significant amount of web-traffic, so yea I could see that being pretty huge.
|
# ? Jan 15, 2018 00:30 |
|
https://twitter.com/perpetualgeek/status/952693228259684354
|
# ? Jan 15, 2018 01:28 |
|
ate poo poo on live tv posted:If it was all of them and it happened at basically the same time, you would straight up erase most companies (because of course they don't have backups). Not to mention many code bases live in Github etc. and some of them may be hosted on AWS themselves, or at least have assets that would need to be pulled down from AWS. at least stuff that's stored on github has distributed backups by the nature of git though you'd lose the issue tracker
|
# ? Jan 15, 2018 01:51 |
|
Farmer Crack-rear end posted:i've been idly wondering what the absolute worst-case scenario would be for a security flaw.
|
# ? Jan 15, 2018 03:56 |
|
|
# ? May 28, 2024 15:15 |
|
vOv posted:at least stuff that's stored on github has distributed backups by the nature of git you mean github doesn’t store issues in a random branch in your repo like it stores pull requests and pages?
|
# ? Jan 15, 2018 04:51 |